ControlScan Blog


Posts Tagged: Compliance



August 16, 2018

In the business world, compliance audits are a fact of life. Standards must be followed, and each governing body must receive its assurances. We’ve identified the number one reason businesses fail their PCI QSA audit, and it’s not what you may think.



July 27, 2018

A PCI DSS readiness assessment (also known as a gap analysis) is an effective method for finding and fixing compliance holes efficiently and economically. Read this post to learn if your business can benefit from a readiness assessment.




June 25, 2018

How do you find the best PCI QSA for your company? Here are the 6 criteria you should apply when searching for your next Qualified Security Assessor.



April 13, 2018

As a security consultant, I’ve been in a lot of hospitals, clinics and practices—and I’ve seen a lot of “worry” over the cybersecurity threat landscape. I’d like to see more of this worry translate into action, because it’s just not happening. Other than worry, what can healthcare institutions and their IT/IS leaders do to protect electronic personal health information (ePHI)? I have been part of three major healthcare breaches and post-breach forensics revealed that two of them could have been limited in scope if they had been actively monitoring and alerting to changes inside their IT networks.



December 12, 2017

Penetration tests have always had a higher price tag, but their overall cost to you is about to increase in 2018. Here’s what’s changing and how you can keep these costs contained in 2018 and beyond.



October 30, 2017

On October 5th, 1953, the New York Yankees became the only team in baseball history to win five championships in a row. Today I’m pleased to tell you that ControlScan has passed the PCI Approved Scanning Vendor (ASV) revalidation test, also for the fifth consecutive year! This was no easy feat. Read on to learn how we did it.



August 16, 2017

I’ve been an information security assessor (PCI, HIPAA, ISO, etc.) for a long time and it’s always interesting to find out why a company has brought me in to do an assessment. Is the goal to shore up their existing security environment, or just check a compliance box to make one of their clients or vendors happy? The answer to that question will usually determine the assessment’s success.
